Re: strerror() not thread-safe -- does it matter?

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: strerror() not thread-safe -- does it matter?
From: William Ahern <william@...>
Date: Fri, 23 Mar 2012 02:20:13 -0700

On Fri, Mar 23, 2012 at 01:32:18AM -0700, Josh Haberman wrote:
> Lua uses strerror() in several places (lauxlib.c, liolib.c, luac.c),
> but it is not thread-safe.  On my system (OS X) strerror's static
> buffer is initialized to all-NULL, and therefore guaranteed to be
> NULL-terminated (even with racing writes), but are there systems where
> a race could crash the program?  An extremely low chance of an
> incorrect/garbled message seems acceptable, but the potential for a
> crash (or even a security exploit) seems bad.
> 
> Has this come up before?
> 

There's no easy way around this. The C standard doesn't provide a
thread-safe version of strerror, not even the new C11 standard which
provides threading. See section 7.23.6.2 of C11.

IMO, this is mostly  a quality of implementation issue. Any implementation
worth its salt should either return static, constant strings (at least for
the known errnos), or use thread-local-storage for its buffers.

That said, with the POSIX flag perhaps Lua could use strerror_r(). C11 Annex
K has strerror_s, but only Microsoft supports Annex K, and only partially at
that even though they sponsored it.

Follow-Ups:
- Re: strerror() not thread-safe -- does it matter?, Florian Weimer
- Re: strerror() not thread-safe -- does it matter?, Josh Haberman

References:
- strerror() not thread-safe -- does it matter?, Josh Haberman

Prev by Date: Re: [ANN] Lua 5.2.1 (work1) now available
Next by Date: Re: [ANN] Lua 5.2.1 (work1) now available
Previous by thread: strerror() not thread-safe -- does it matter?
Next by thread: Re: strerror() not thread-safe -- does it matter?
Index(es):
- Date
- Thread